Some industries are more vulnerable to cyber threats hence facing a high risk of experiencing data breaches or other types of cyber attacks in the future.

As organizations create and store more data in the cloud, security teams must ensure the data is protected from cyberthreats. Learn more about what causes data breaches and about the best practices you can adopt to secure data stored in the cloud.

With the explosion of data being generated and stored in the cloud, hackers are creating new and innovative attack techniques to gain access to cloud environments and steal data. A review of recent major data breaches shows us that data thieves are using social engineering, hunting for exposed credentials, looking for unpatched vulnerabilities and misconfigurations and employing other sophisticated techniques to breach cloud environments.

A look at recent cloud data-breach trends

Here are some takeaways from major data breaches that have occurred this year:

• Managing the risk from your third-parties – partners, service providers, vendors – has always been critical. It’s even more so when these trusted organizations have access to your cloud environment and cloud data. You must make sure that your third-parties are using proper cloud-security protections to safeguard their access to your cloud data and to your cloud environment.
• Secure your identities. We’ve seen major data breaches this year tracked down to simple missteps like failing to protect highly-privileged admin accounts and services with multi-factor authentication (MFA). 
• Adopt best practices to prevent ransomware attacks, and to mitigate them if you get hit by one. Ransomware gangs know that a surefire way to pressure victims into paying ransoms is to hijack their systems and threaten to expose their sensitive data. 

So, how can you strengthen your data security posture against these types of attacks?

1. Implement a "zero trust" security framework that requires all users, whether inside or outside the organization, to be authenticated, authorized and continuously validated before being granted or maintaining access to data. This framework should allow only time-limited access and be based on the principle of least privilege, which limits access and usage to the minimum amount of data required to perform the job.
2. Use a cloud data security posture management (DSPM) solution to enforce the security framework through continuous monitoring, automation, prioritization and visibility. DSPM solutions can help organizations identify and prioritize data security risks based on their severity, allowing them to focus their resources on the most critical issues.
3. Regularly conduct risk assessments to detect and remediate security risks before they can be exploited by hackers. This can help prevent data breaches and minimize the impact of any security incidents that do occur.
4. Train employees on security best practices, including how to create strong passwords, how to identify risks and how to report suspicious activity.

By following these recommendations, organizations can significantly reduce their risk of a data breach and improve handling sensitive data belonging to their organization. As more and more data moves to the cloud and hackers become more sophisticated, it's essential to prioritize security and take proactive measures to protect against data risks. 

Learn more

• Webinar: Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?
• Data Sheet: Data Security Posture Management (DSPM) Integrated into Tenable Cloud Security
• Data Sheet: Securing AI Resources and Data in the Cloud with Tenable Cloud Security
• Infographic: When CNAPP Met DSPM
• Video: Demo Video: Data Security Posture Management and AI Security Posture Management

More than half of all breaches occurred in the Department of Social Protection, data revealed.

Read more: Human error the leading cause of Government data breaches

More than 37,500 Delaware agents, policyholders, beneficiaries impacted Following the receipt of additional data breach reports from insurers, including those related to the breach of the MOVEit file transfer services system used by third-party vendors, the Delaware Department of Insurance is updating this consumer alert and will be updating the online posting as information is […]

We have notified you in an earlier e-briefing of additional powers being granted to the Information Commissioner's Office (ICO) to take enforcement action against breaches of the Data Protection Act (DPA). A new power to is...

Canada hit by COVID cheque fraud; Webex, Teams under attack, more COVID email scams and three big data breaches Welcome to Cyber Security Today. It’s Friday May 8th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below: It didn’t take long for cybercriminals to take advantage…

All startups have one thing in common when it comes to cybersecurity: they all are at some level of risk of a costly data breach. Startup business owners may not even be aware of certain vulnerabilities including ransomware, phishing, data… Read More

The post Cybersecurity for Startups: A 5 Step Plan for Preventing Costly Data Breaches appeared first on Anders CPAs.

The health care industry is one of the biggest targets for cybersecurity attacks. In 2018 alone, nearly 300 data breaches affected 11.5 million patients, according to a Bitglass report. Cybercriminals see health care organizations as the perfect victim due to… Read More

The post Data Breaches in Hospitals are on the Rise – How Health Care Organizations Can Prevent Cybersecurity Attacks appeared first on Anders CPAs.